Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          /Bilh/XVEH1HdWI7I13/V6jAKqlufxpFgjvinpuDNak=
Subject key identifier:   2E:56:34:93:B0:B9:49:96:9F:B6:D9:63:36:16:A6:CA:3B:10:95:CE
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       018F87ED7FC29BE44DC83AD460BE69945533
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          0967
Signing time:             Fri 17 May 2024 19:00:39 +0000
Manifest this update:     Fri 17 May 2024 19:00:39 +0000
Manifest next update:     Sat 18 May 2024 19:00:39 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: pkuqTwDX4nYc7ta1XjlrTLZfkjqnOFNYPCpaF2DWcZo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:7f:c2:9b:e4:4d:c8:3a:d4:60:be:69:94:55:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: May 17 19:00:39 2024 GMT
            Not After : May 18 19:00:39 2024 GMT
        Subject: CN=2e563493b0b949969fb6d9633616a6ca3b1095ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:be:e8:a5:6d:e5:e8:85:00:8c:a4:24:c3:f7:
                    f1:4c:00:26:95:b1:5a:fe:32:74:cb:c8:25:9b:c6:
                    1f:75:50:d0:a4:82:68:81:89:84:84:a0:20:ad:15:
                    43:90:c7:fe:a6:51:ca:77:48:bf:44:3c:35:9a:ce:
                    d9:d3:5d:65:ce:60:1a:10:cb:1b:21:6b:48:45:bd:
                    1d:c1:06:26:5f:9b:e2:3e:c5:cd:97:fd:ef:e4:f9:
                    c3:94:cb:5b:96:c7:47:82:cf:ff:f5:cb:0b:3f:62:
                    4a:c9:7b:83:5f:07:a9:5b:a5:84:a5:38:a3:2a:0e:
                    29:06:57:7c:16:c0:6b:7e:71:94:93:fb:44:46:8c:
                    a4:91:7b:5e:a6:08:d3:83:66:0b:cd:f9:ca:99:04:
                    11:8b:f2:61:b5:4e:52:ef:c3:c1:b5:1a:1d:60:7c:
                    db:54:2b:69:7f:11:92:b6:76:ef:54:c4:df:e9:cd:
                    96:3c:ad:04:13:0a:6f:26:03:7a:33:c7:e1:8a:48:
                    5c:f5:d6:1d:cc:eb:a5:65:81:aa:e4:b0:b0:41:47:
                    68:c2:b4:03:70:bf:00:63:4a:b0:10:f0:eb:f5:5e:
                    4a:b2:c3:1c:a6:f1:24:9e:cd:22:b1:15:e4:08:d0:
                    58:c7:bd:51:64:1c:a5:0c:d8:d7:13:a4:b5:51:1b:
                    46:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:56:34:93:B0:B9:49:96:9F:B6:D9:63:36:16:A6:CA:3B:10:95:CE
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:40:17:59:6f:08:ba:72:fc:66:6b:a6:24:31:0d:2d:59:50:
         cd:53:35:b1:ad:34:0c:94:4d:1f:c0:c0:0c:33:f0:b8:63:4e:
         0c:04:51:51:69:61:26:05:a0:ca:45:b0:bd:c6:db:b9:3c:39:
         42:c3:85:89:f5:57:02:35:2c:0c:b8:32:68:7e:45:ac:fa:ae:
         0d:62:53:3e:26:85:e4:2a:ca:53:f9:83:4c:0e:e2:02:5c:e2:
         a2:96:51:3f:93:b6:75:17:a7:db:42:97:83:58:fd:97:8c:b1:
         f3:56:52:d1:e1:0a:76:53:60:6c:59:d0:e5:a7:1a:56:c6:57:
         59:f3:49:81:ab:7c:84:cc:8b:0d:04:f5:9f:f8:b9:50:52:32:
         a6:f7:d8:89:2a:cd:a9:7d:cd:26:6c:e0:28:86:ff:de:3a:28:
         fd:2c:b5:a5:f0:ec:7e:f4:56:fb:ed:cb:22:46:bf:90:f3:32:
         55:0f:66:2f:bb:d2:e6:bc:13:59:d7:13:27:8f:b8:92:93:8f:
         1d:78:49:1d:6b:39:91:51:e7:93:20:6d:7a:ba:56:f2:aa:d0:
         ce:63:88:77:27:cb:5d:39:26:9d:b2:2e:6f:95:f2:a8:ad:01:
         8c:76:a7:5b:23:b9:0d:5d:ef:73:51:cb:19:b3:d6:b9:0d:b6:
         67:78:d5:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7X/Cm+RNyDrUYL5plFUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjQwNTE3MTkwMDM5WhcNMjQwNTE4MTkwMDM5WjAzMTEwLwYDVQQD
EygyZTU2MzQ5M2IwYjk0OTk2OWZiNmQ5NjMzNjE2YTZjYTNiMTA5NWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL7opW3l6IUAjKQkw/fxTAAmlbFa
/jJ0y8glm8YfdVDQpIJogYmEhKAgrRVDkMf+plHKd0i/RDw1ms7Z011lzmAaEMsb
IWtIRb0dwQYmX5viPsXNl/3v5PnDlMtblsdHgs//9csLP2JKyXuDXwepW6WEpTij
Kg4pBld8FsBrfnGUk/tERoykkXtepgjTg2YLzfnKmQQRi/JhtU5S78PBtRodYHzb
VCtpfxGStnbvVMTf6c2WPK0EEwpvJgN6M8fhikhc9dYdzOulZYGq5LCwQUdowrQD
cL8AY0qwEPDr9V5KssMcpvEkns0isRXkCNBYx71RZBylDNjXE6S1URtGuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC5WNJOwuUmWn7bZYzYWpso7EJXOMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd0AXWW8I
unL8ZmumJDENLVlQzVM1sa00DJRNH8DADDPwuGNODARRUWlhJgWgykWwvcbbuTw5
QsOFifVXAjUsDLgyaH5FrPquDWJTPiaF5CrKU/mDTA7iAlziopZRP5O2dRen20KX
g1j9l4yx81ZS0eEKdlNgbFnQ5acaVsZXWfNJgat8hMyLDQT1n/i5UFIypvfYiSrN
qX3NJmzgKIb/3joo/Sy1pfDsfvRW++3LIka/kPMyVQ9mL7vS5rwTWdcTJ4+4kpOP
HXhJHWs5kVHnkyBterpW8qrQzmOIdyfLXTkmnbIub5XyqK0BjHanWyO5DV3vc1HL
GbPWuQ22Z3jVyg==
-----END CERTIFICATE-----